Article <v6i0eb$131tb$2@dont-email.me>

Warning: mysqli::__construct(): (HY000/1203): User howardkn already has more than 'max_user_connections' active connections in D:\Inetpub\vhosts\howardknight.net\al.howardknight.net\includes\artfuncs.php on line 21
Failed to connect to MySQL: (1203) User howardkn already has more than 'max_user_connections' active connections
Warning: mysqli::query(): Couldn't fetch mysqli in D:\Inetpub\vhosts\howardknight.net\al.howardknight.net\index.php on line 66
Article <v6i0eb$131tb$2@dont-email.me>

Deutsch English Français Italiano

<v6i0eb$131tb$2@dont-email.me>

View for Bookmarking (what is this?)
Look up another Usenet article

Path: ...!weretis.net!feeder8.news.weretis.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Alan <nuh-uh@nope.com>
Newsgroups: misc.phone.mobile.iphone,comp.sys.mac.apps
Subject: Re: Orphaned CodoPods are found in Apple software
Date: Mon, 8 Jul 2024 17:32:11 -0700
Organization: A noiseless patient Spider
Lines: 46
Message-ID: <v6i0eb$131tb$2@dont-email.me>
References: <v6brna$16iit$1@news.samoylyk.net> <rzeiO.8448$pVB9.6500@fx34.iad>
 <v6c85a$17bja$1@news.samoylyk.net> <v6c8sk$9fdv$1@solani.org>
 <letr8cFge14U2@mid.individual.net> <v6cjb6$9l4b$1@solani.org>
 <v6ckup$186t1$1@news.samoylyk.net> <Z5viO.11483$6eV2.7178@fx12.iad>
 <v6eour$1copo$1@news.samoylyk.net> <v6g6mo$pqjo$1@dont-email.me>
 <v6hjtm$1ind6$1@news.samoylyk.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Tue, 09 Jul 2024 02:32:12 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="b1aec130310c13342a9e7c252d339242";
	logging-data="1148843"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX18Nj4uNxi1Q2aDLAXoUME83ozkkoEQYeNw="
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:n1QrenxdUw8El1lFJtf+RpJdaZE=
In-Reply-To: <v6hjtm$1ind6$1@news.samoylyk.net>
Content-Language: en-CA
Bytes: 3100

On 2024-07-08 13:58, Wolf Greenblatt wrote:
> On Mon, 8 Jul 2024 08:06:48 -0000 (UTC), Chris wrote:
> 
>>> Probably very true. All I know is researchers found a flaw in millions of
>>> mac/iOS apps and Apple didn't find that same flaw even after a decade.
>>
>> The point that's being missed is that no-one else spotted it either.
>> Despite existing for so long it was never exploited.
> 
> Three million iOS/macOS apps were vulnerable for a decade, and Apple didn't
> even care to think about backing up their own claims of safety & security.

Ummmm... ...no.

1. You need to show that "three million" iOS/macOS apps" actually USED 
CocoaPods.

2. You need to show how many of those made use of the "Pods" that had 
been orphaned.

> 
>> This was specifically an error on the side of the people managing the
>> CocoaPods library. They should not have left orphan accounts open
>> indefinitely.
> 
> It's worse than that because ANYONE (yes, even you and me) could have
> injected code into those apps for a decade without Apple caring about it.

Nope. You couldn't inject code into any app that didn't use one of the 
orphaned "Pods".

> 
>>
>>> Shouldn't Apple care that millions of mac/iOS apps are vulnerable?
>>
>> *were* vulnerable. It was fixed last year. It has only been reported
>> recently for obvious reasons.
> 
> It was fixed but Apple didn't even know about it until someone told them
> that anyone (yes, even you and me) could have injected code into any of
> three million macOS/iOS apps for over a decade because Apple didn't care.

Still stuck on repeating things you know you can't know are true.

Normal, sane people call that "lying".